Additional Information

The vulnerability can be exploited over multiple protocols. This issue affects the 'Scripting' sub-component. The problem occurs because the Java ScriptingEngine does not properly handle Rhino Javascript errors. This can result in unprivileged code running in a privileged context.

This vulnerability affects the following supported versions:JDK and JRE 7, 6 Update 27

Affected

JDK and JRE 7, 6 Update 27

Response

Updates are available. Please see the references for more information.